diff --git a/koji-containerbuild.spec b/koji-containerbuild.spec index 7e89415..a525daa 100644 --- a/koji-containerbuild.spec +++ b/koji-containerbuild.spec @@ -52,7 +52,7 @@ Hub plugin that extend Koji to support building layered container images License: LGPLv2 Summary: Builder plugin that extend Koji to build layered container images Group: Applications/System -Requires: koji-builder +Requires: koji-builder >= 1.26 Requires: koji-containerbuild Requires: osbs-client %if 0%{with python3} diff --git a/koji_containerbuild/plugins/builder_containerbuild.py b/koji_containerbuild/plugins/builder_containerbuild.py index 9e7aab8..0ff81ca 100644 --- a/koji_containerbuild/plugins/builder_containerbuild.py +++ b/koji_containerbuild/plugins/builder_containerbuild.py @@ -761,7 +761,19 @@ def createContainer(self, src=None, target_info=None, arches=None, self.logger.debug("Started by %s", owner_info['name']) scm = My_SCM(src) - scm.assert_allowed(self.options.allowed_scms) + scm_policy_opts = { + 'user_id': this_task['owner'], + 'channel': self.session.getChannel(this_task['channel_id'], + strict=True)['name'], + 'scratch': bool(scratch), + } + scm.assert_allowed( + allowed=self.options.allowed_scms, + session=self.session, + by_config=self.options.allowed_scms_use_config, + by_policy=self.options.allowed_scms_use_policy, + policy_data=scm_policy_opts) + git_uri = scm.get_git_uri() component = scm.get_component() arch = None @@ -878,7 +890,6 @@ def fetchDockerfile(self, src, build_tag): Gets Dockerfile. Roughly corresponds to getSRPM method of build task """ scm = SCM(src) - scm.assert_allowed(self.options.allowed_scms) scmdir = os.path.join(self.workdir, 'sources') koji.ensuredir(scmdir) diff --git a/requirements-devel.txt b/requirements-devel.txt index 0a99bf8..5135625 100644 --- a/requirements-devel.txt +++ b/requirements-devel.txt @@ -1,2 +1,2 @@ git+https://github.com/projectatomic/osbs-client -koji +koji>=1.26 diff --git a/requirements.txt b/requirements.txt index ffeaec4..1c42351 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ jsonschema==3.2.0 six +koji>=1.26 diff --git a/test.sh b/test.sh index d86280a..ecf83fb 100755 --- a/test.sh +++ b/test.sh @@ -31,14 +31,14 @@ function setup_kojic() { PIP_PKG="$PYTHON-pip" PIP="pip" PKG="yum" - PKG_EXTRA=(yum-utils git-core koji koji-hub) + PKG_EXTRA=(yum-utils git-core koji koji-hub python-gssapi) BUILDDEP="yum-builddep" else PYTHON="python$PYTHON_VERSION" PIP_PKG="$PYTHON-pip" PIP="pip$PYTHON_VERSION" PKG="dnf" - PKG_EXTRA=(dnf-plugins-core git-core "$PYTHON"-koji "$PYTHON"-koji-hub) + PKG_EXTRA=(dnf-plugins-core git-core "$PYTHON"-koji "$PYTHON"-koji-hub "$PYTHON"-gssapi) BUILDDEP=(dnf builddep) fi @@ -136,6 +136,10 @@ case ${ACTION} in setup_kojic # This can run only at fedora because pylint is not packaged in centos # use distro pylint to not get too new pylint version + if [[ ${PYTHON_VERSION} == "2" ]]; then + $RUN $PKG remove -y python2-koji + fi + $RUN $PKG install -y "${PYTHON}-pylint" PACKAGES='koji_containerbuild tests' TEST_CMD="${PYTHON} -m pylint ${PACKAGES}" diff --git a/tests/test_builder_containerbuild.py b/tests/test_builder_containerbuild.py index 54913ce..e357b16 100644 --- a/tests/test_builder_containerbuild.py +++ b/tests/test_builder_containerbuild.py @@ -48,7 +48,21 @@ def mock_incremental_upload(session, fname, fd, uploadpath, logger=None): pass +def mock_options_and_assert_allowed(): + flexmock(koji.daemon.SCM).should_receive('assert_allowed').and_return(True) + + return flexmock(allowed_scms='pkgs.example.com:/*:no', + allowed_scms_use_config=True, + allowed_scms_use_policy=True) + + +class mock_time(object): + def sleep(self, *args): + return + + builder_containerbuild.incremental_upload = mock_incremental_upload +builder_containerbuild.time = mock_time() LogEntry = namedtuple('LogEntry', ['platform', 'line']) @@ -306,11 +320,14 @@ def _mock_session(self, last_event_id, koji_task_id, pkg_info=USE_DEFAULT_PKG_IN (session .should_receive('getTaskInfo') .with_args(koji_task_id) - .and_return({'owner': 'owner'})) + .and_return({'owner': 'owner', 'channel_id': 1})) (session .should_receive('getUser') .with_args('owner') .and_return({'name': 'owner-name'})) + (session + .should_receive('getChannel') + .and_return({'name': 'default_channel'})) (session .should_receive('getPackageConfig') .with_args('dest-tag', 'fedora-docker') @@ -614,7 +631,7 @@ def test_osbs_build(self, tmpdir, pkg_info, failure, orchestrator): session = self._mock_session(last_event_id, koji_task_id, pkg_info) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -681,7 +698,7 @@ def test_osbs_build_source(self, pkg_info, failure): .should_receive('getPackageConfig') .with_args('dest-tag', 'source_package-source') .and_return(pkg_info)) - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildSourceContainerTask(id=koji_task_id, method='buildSourceContainer', @@ -728,7 +745,7 @@ def test_createContainer_failure(self, tmpdir, reason, expected_exc_type): session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -795,7 +812,7 @@ def test_createSourceContainer_failure_source(self, tmpdir, reason, expected_exc .should_receive('getPackageConfig') .with_args('dest-tag', 'source_package-source') .and_return({'blocked': False})) - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildSourceContainerTask(id=koji_task_id, method='buildSourceContainer', @@ -925,7 +942,7 @@ def test_private_branch(self, tmpdir): koji_task_id = 123 last_event_id = 456 - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() folders_info = self._mock_folders(str(tmpdir)) pkg_info = {'blocked': False} @@ -1001,7 +1018,7 @@ def test_additional_args(self, tmpdir, log_upload_raises, orchestrator, addition session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -1079,7 +1096,7 @@ def test_additional_args_source(self, log_upload_raises, additional_args): .with_args('dest-tag', 'source_package-source') .and_return({'blocked': False})) - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildSourceContainerTask(id=koji_task_id, method='buildSourceContainer', @@ -1133,7 +1150,7 @@ def test_flatpak_build(self, tmpdir, isolated, release, koji_parent_build): session = self._mock_session(last_event_id, task_id, {'blocked': False}) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=task_id, method='buildContainer', @@ -1189,7 +1206,7 @@ def test_oversized_tags(self, tmpdir, orchestrator, tag, release, is_oversized): session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir), additional_tags_content=tag) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -1288,7 +1305,7 @@ def test_build_nvr_exists(self, tmpdir, orchestrator, build_state, triggered_aft folders_info = self._mock_folders(str(tmpdir), dockerfile_content=dockerfile_content) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -1398,7 +1415,7 @@ def test_source_build_info(self, create_args, build_types, cause): log_message = ('koji build {} is source container build, source container can not ' 'use source container build image'.format(provided_nvr)) - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildSourceContainerTask(id=koji_task_id, method='buildSourceContainer', @@ -1437,7 +1454,7 @@ def test_compose_ids_and_signing_intent(self, tmpdir, additional_args, raises): session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -1503,7 +1520,7 @@ def test_arch_override(self, tmpdir, orchestrator, additional_args, raises): session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildContainerTask(id=koji_task_id, method='buildContainer', @@ -1863,7 +1880,7 @@ def test_raise_OsbsValidationException(self, tmpdir): session = self._mock_session(last_event_id, koji_task_id) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() builder_containerbuild.incremental_upload = mock_incremental_upload @@ -1914,7 +1931,7 @@ def test_user_warnings(self, tmpdir): session = self._mock_session(last_event_id, koji_task_id) folders_info = self._mock_folders(str(tmpdir)) src = self._mock_git_source() - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() builder_containerbuild.incremental_upload = mock_incremental_upload @@ -1977,7 +1994,7 @@ def test_user_warnings_source(self, tmpdir): .should_receive('getPackageConfig') .with_args('dest-tag', 'source_package-source') .and_return({'blocked': False})) - options = flexmock(allowed_scms='pkgs.example.com:/*:no') + options = mock_options_and_assert_allowed() task = builder_containerbuild.BuildSourceContainerTask(id=koji_task_id, method='buildSourceContainer',